From: Vincent Penquerc'h <vincent.penquerch@collabora.co.uk>
Date: Wed, 7 Jun 2017 15:17:50 +0000 (+0100)
Subject: openjpeg: guard against invalid memory access on crafted files
X-Git-Tag: 1.19.3~507^2~5146
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=903684aa78787f90ba95355ebc90d58bb31ce7a0;p=platform%2Fupstream%2Fgstreamer.git

openjpeg: guard against invalid memory access on crafted files
---

diff --git a/ext/openjpeg/gstopenjpegdec.c b/ext/openjpeg/gstopenjpegdec.c
index 60b9543..933c79d 100644
--- a/ext/openjpeg/gstopenjpegdec.c
+++ b/ext/openjpeg/gstopenjpegdec.c
@@ -1012,6 +1012,9 @@ gst_openjpeg_dec_handle_frame (GstVideoDecoder * decoder,
   if (!gst_buffer_map (frame->input_buffer, &map, GST_MAP_READ))
     goto map_read_error;
 
+  if (self->is_jp2c && map.size < 8)
+    goto open_error;
+
 #ifdef HAVE_OPENJPEG_1
   io = opj_cio_open ((opj_common_ptr) dec, map.data + (self->is_jp2c ? 8 : 0),
       map.size - (self->is_jp2c ? 8 : 0));